Users are increasingly performing tasks using remote computing resources, often referred to as part of “the cloud.” This has many advantages, as users do not have to purchase and maintain dedicated hardware and software, and instead can pay for only those resources that are needed at any given time, where those resources typically will be managed by a resource or “cloud” provider. It will often be the case that a user will want one or more cloud resources to perform actions on behalf of the user. In order to provide for the authenticity of an instruction, message, or document involved in the action, a digital signature is often used. If the recipient can verify that the digital signature was generated using a key for a particular sender, then the recipient can be confident that the content originated from the sender. Keys can be obtained from many sources, such as certificate authorities that certify the ownership of a public key by the named owner of the key. Problems arise, however, in the fact that certain environments require logging of signing activities for a key while other environments need to avoid information appearing in such a log, and conventional systems do not provide such flexibility built into a cryptographic system.